From healthcare to the e-commerce industry, there is no more important focus than data security. A single introduction of destructive malware or the theft of a few records could be catastrophic as recent studies show that every single stolen file could cost a company $150. If you are a smaller organization, the total cost could be catastrophic.
Now, we have an unheard-of situation on our hands as the coronavirus sweeps around the globe. Many businesses are sending their employees home to work remotely, and if your company is not prepared, the change could create new vulnerabilities. To protect your company, smart planning and proper training are necessary.
Effective Cybersecurity is Essential
The rise of the coronavirus is bringing new light to the need for cybersecurity. Hackers know that employees are going remote, and they are fully aware that many companies do not take security as seriously as they should. Currently, there is a 667% spike in cybercrimes now at the height of the pandemic, so cybersecurity is more important than ever.
Even when there isn’t a global threat, your business needs to stay protected. The best way to do that is to take an overly cautious or Zero-Trust approach to cybersecurity. Essentially that means leaving no stone unturned by properly vetting all third-party vendors, ensuring that all backups are in place, and even avoiding connection to a cloud computing service that your business can’t control or manage. Some companies are even moving over to artificial intelligence for better decision making while lowering the chance of human error, which translates to fewer cyber crimes. This is a significant step, but it is likely the future.
But your IT team can only do so much. In the end, it all comes down to proper employee training in order to avoid the common mistakes that can lead to data breaches and dangerous viruses. When sending your employees home, give them strict guidelines, and check their systems to ensure that all safeguards are in place.
Be Wary of Social Engineering Scams
Working from a new environment can be an exciting experience, so it can be easy for employees to forget that even though they aren’t in the corporate office, their equipment still needs to remain secure. Some of the biggest threats made more dangerous by the situation of the coronavirus are social engineering attacks and phishing emails. Social engineering attacks are designed to get a fearful response out of customers, so hackers are sending emails that appear to be “sent” from a figure of authority related to COVID-19.
Current scams include emails that promote fake offers for testing kits and vaccinations, while others are trying to push phony sickness statistics. There are also phishing emails not connected to the coronavirus at all, including fake emails about false charges at your bank or claims that your email account has been accessed by an unauthorized individual. In almost all cases, these emails will include a link or attachment, and when the victim is tricked into clicking or opening them, a piece of malware is usually uploaded into the computer.
Because of this constant danger, it is important for employees to remember the signs of a phishing scam:
- An email with misspelled words in the body or subject.
- An email that comes from a familiar email address that is off by a letter or two.
- An email that conveys a sense of urgency from a sender of whom you are unfamiliar.
Other social engineering attacks can include scams where you get a pop up on your computer that informs you that you have a virus and that you need to update your security with a fake program. Downloading and attempting to install this application could lead to unauthorized hacker access. As a fail-safe, employees should always remember not to install any programs on their computer unless it has been approved by the IT department.
Protect Company and Personal Equipment
When it comes to working from home, security becomes even more important, because you need to not only keep the company property safe, but you need to keep your personal technology and data secure as well, as one system can infect another. For instance, if an employee had to email a document from their work computer to their personal computer so they could print it, and that file came into contact with malware on the personal device, it could be transferred back to the work computer. So, working from home requires a return to security basics on all fronts.
Employee logins on all devices must remain secure and be changed on a regular basis, with difficult-to-guess passwords that include letters, numbers, and special characters. Employers would also be smart to employ the use of virtual private networks that will allow their workers to do their online work anonymously so a hacker cannot easily find them. Finally, proper antivirus software and firewall protection should be applied to every computer, and all new updates must be applied.
When working remotely, employees may feel the need to work outside of the home at public places like coffee shops and parks, but leaving home requires extra precautions. If it is necessary to connect to Wi-Fi, then ensure that you are using a secure connection because hackers can set up fake accounts that will allow the hacker to see all of your data. Finally, all devices, whether in or out of the office, should use two-factor authentication that requires you to enter a code in addition to your password, in case your device gets lost.
Whether it is due to current health trends or the cost-effectiveness of remote work, you will continue to see more employees working from home. Put the proper precautions in place now and protect your data and your business tomorrow.
Remote Access Vulnerability External Scan Try and Buy
“No cost” external scans to hunt for remote access vulnerabilities/misconfigurations. Employees are using insecure remote access methods (e.g., RDP) to gain access back to their corporate offices. This scan highlights these risks and any others that might be present on your VPN/remote management devices that attackers could take advantage of during this time.
- Up to 60 days of external vulnerability scans at no-cost
- Weekly scans with reporting on any exposure
- One weekly call to discuss anything urgent (especially with remote access)
Author Bio: Jori Hamilton is an experienced writer from the Northwestern U.S. She covers a wide range of topics but takes a particular interest in topics related to technology, AI, Machine Learning, and Cybersecurity. If she’s not writing, she enjoys traveling the U.S. and being curled up in a blanket, reading a good book. You can follow her on Twitter and LinkedIn.
Jori is a guest blogger. All opinions are her own.